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Abstract 

It follows from the famous Fagin's theorem that all problems in NP are expressible in existential 
second-order logic (3SO), and vice versa. Indeed, there are well-known 3SO characterizations of NP- 
complete problems such as 3-colorability, Hamiltonicity and clique. Furthermore, the 3SO sentences 
that characterize those problems are simple and elegant. However, there are also NP problems that 
do not seem to possess equally simple and elegant 3SO characterizations. In this work, we are mainly 
interested in this latter class of problems. In particular, we characterize in second-order logic the 
class of hypercube graphs and the classes SATQBF^ of satisfiable quantified Boolean formulae with k 
alternations of quantifiers. We also provide detailed descriptions of the strategies followed to obtain 
the corresponding nontrivial second-order sentences. Finally, we sketch a third-order logic sentence 
that defines the class SATQBF = Uj.>jSATQBFj.. The sub-formulae used in the construction of 
these complex second- and third-order logic sentences, are good candidates to form part of a library 
of formulae. Same as libraries of frequently used functions simplify the writing of complex computer 
programs, a library of formulae could potentially simplify the writing of complex second- and third- 
order queries, minimizing the probability of error. 

Keywords: second-order logic, third-order logic, quantified Boolean formulae, queries, finite model 
theory, hypercube graphs 



1 Introduction 

Examples of second-order formulae expressing different properties of graphs are fairly 
common in the literature. Classical examples are S-colorability, Hamiltonicity, and 
clique (see [5J [TO] among others) . These properties can be expressed by simple and 
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2 Expressing Properties in Second and Third Order Logic 

elegant second-order formulae. Likewise, there are graph properties that can be ex- 
pressed by simple and elegant third-order formulae. One of those properties is that 
of being a hypercube graph (see [5]). An n-hypercube graph Q„, also called an n-cube, 
is an undirected graph whose vertices are binary n-tuples. Two vertices of Q„ are 
adjacent iff they differ in exactly one bit. 

The expressive power of third-order logic is not actually required to characterize 
hypercube graphs, since they can be recognized in nondeterministic polynomial time. 
Recall that by Fagin's theorem [4|, 3S0 captures NP. Thus there are formulae in 
existential second-order logic (3S0) which can express this property. Nevertheless, to 
define the class of hypercube graphs in second-order logic is certainly more challenging 
than to define it in third-order logic. 

From an applied perspective, this indicates that it makes sense to investigate higher- 
order quantifiers in the context of database query languages. Despite the fact that 
most of the queries commonly used in the industry are in P, the use of higher-order 
quantifiers can potentially simplify the way in which many of those queries are ex- 
pressed. 

Let SATQBFfe denote the class of satisfiable quantified Boolean formulae with 
k alternating blocks of quantifiers. From Fagin-Stockmeyer characterization of the 
polynomial-time hierarchy [13] and the fact that SATQEF^ is complete for the level 
EjJ of that hierarchy [T31, it follows that for every fc > 1, SATQBFfc can be defined by 
a formula in the prenex fragment of second-order logic with k alternating blocks 
of quantifiers. SATQBFfc provides a prime example of a property (or query) whose 
expression in the language of second-order logic is possible but challenging. Indeed, 
it is not a trivial task to write a second-order logic sentence that evaluates to true 
precisely on those word models that represent sentences in SATQBF^. As usual in 
finite model theory [J| , the term word model refers here to a finite relational structure 
formed by a binary relation and a finite number of unary relations. By contrast, if 
we restrict our attention to quantified Boolean formulae in which the quantified free 
part is in conjunctive normal form and has exactly three Boolean variables in each 
conjunct, then the problem is expressible in monadic second-order logic provided that 
the formulae are encoded using a different kind of finite relational structures which 
include ternary relations (see |10)). 

Thus, on the one hand there are well-known NP-complete problems such as 3- 
colorability, Hamiltonicity and clique, that have corresponding well-known charac- 
terizations in 3S0 which are simple and elegant. Those characterizations have in 
common that the existential second-order quantifiers can be identified with the guess- 
ing stage of the NP algorithm, and that the remaining first-order formula corresponds 
to the polynomial time deterministic verification stage. On the other hand, there are 
well-known problems such as hypercube graph (which can also be characterized in 
3S0) and SATQBF^ (which can be characterized in S^) that do not appear to have 
a straightforward characterization in second-order logic, even if we consider the full 
second-order language. 

This observation prompted us to write second-order characterizations of hypercube 
graph and SATQBF/j. The resulting second-order sentence for hypercube graph can 
be found in [11 . The corresponding sentence for SATQBF^ was included in 12 . Both 
sentences are complex and several pages long. In this article we present a detailed 
description of the strategies followed to write these sentences. The sub-formulae used 



Expressing Properties in Second and Third Order Logic 3 

for the implementation of these strategies could be part of a future library of second- 
order formulae. Same as libraries of frequently used functions simplify the writing 
of complex computer programs, a library of formulae could potentially simplify the 
writing of complex second-order queries, minimizing the probability of error. 

The minimization of the probability of error constitutes an important objective in 
the context of this work, since given a query q and a second-order formula ip, it is not 
possible to formally prove whether ip expresses q. For this reason, we make use of full 
second-order logic to present the characterizations of hypercube graph and SATQBFfe, 
even though its EISO and fragments, respectively, already have the expressive power 
required for these tasks. This has permitted us to write relatively clear and intuitive 
formulae as well as to follow a top-down strategy, similar to that commonly used in 
the development of computer programs, to further reduce the chance of error. 

If we consider the whole class SATQBF = lJj,>j^SATQBFfe of satisfiable quantified 
Boolean formulae, then the problem becomes PSPACE-complete. Since PSPACE can 
be captured by second-order logic extended with a transitive closure operator, and 
furthermore this logic is widely conjectured to be strictly more expressive than the 
standard second-order logic, the existence of a second-order logic characterization of 
this problem is unlikely. Thus, we decided to look for a characterization in third-order 
logic. Note that it is a well-known fact that third-order logic is powerful enough as to 
characterize every problem in PSPACE. We conclude the paper presenting a sketch 
of a third-order logic sentence that defines the class SATQBF. That is, we present a 
strategy to write a third-order sentence that evaluates to true precisely on those word 
models that represent sentences in SATQBF. 

We strongly believe that in many respects the descriptive approach to Complexity is 
more convenient than the classical one. That is, using formulae of some logic to study 
upper bounds in the time or space complexity of a given problem, instead of Turing 
machines. There are many different measures which can be taken on the formulae 
that express a given problem such as quantifier rank, quantifier blocks alternation, 
number of variables, number of binary connectives, and arity of quantified relation 
variables. It has been proved that bounds on those measures impact on the expressive 
power of logics over finite models (see [TU], [3], [S])- Furthermore, it is rather obvious 
that all those measures are decidable, in contrast to the use of Turing machines, where 
the usual measures relevant to computation power such as time, space, treesize, and 
number of alternations, are clearly undecidable. Regarding lower bounds there are 
also several well studied and powerful techniques in Descriptive Complexity which 
proved to be extremely useful in the last decades, such as Ehrenfeucht-Fraisse games 
and their variations (see [S] in particular) and 0-1 Laws (again see (TU], [3], [H])- 

Hence, it is important to learn how to build formulae which are large, but still 
intuitive and clearly understandable in a top down approach, in the same way that this 
is important in the construction of algorithms in the classical approach to Complexity, 
which are also clear and intuitive no matter their size. The work reported in this 
article is to the authors' knowledge one of the first steps in that direction. 

In the next section, we introduce the necessary notation and formally describe by 
means of a third-order logic sentence, the class of hypercube graphs. In Section 3, 
we define in second-order logic the basic arithmetic operations that we need for this 
work. We describe the strategy used to characterize the class of hypercube graphs 
in the language of second-order logic in Section 4. In Section 5 we formally describe 
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the problems SATQBFfc and SATQBF, and we consider their complexity. In Section 
6, we explain in full detail how to build for each /c > 1, a second-order sentence 
that expresses SATQBFk- In Section 7 we explain how to build a third-order logic 
sentence which expresses SATQBF, and we give a sketch of such formula. Finally in 
Section 8, we present some final considerations. 

2 Background 

We assume that the reader is acquainted with the basic concepts and the framework 
of Finite Model Theory O [10]. We use the notation from p] . 

We work on the vocabulary a — {E} of graphs. An undirected graph G is a finite 
relational structure of vocabulary a satisfying ipi = \/xy{E{x,y) — >■ E{y,x)) and 
ip2 = yx{-'E{x,x)). If we do not require G to satisfy neither ipi nor ip2, then we 
speak of a directed graph (or digraph). We denote as V the domain of the structure 
G, i.e., the set of vertices of the graph G. The edge relation of G is denoted as E^. 

By second-order logic we refer to the logic that is obtained when first-order logic is 
extended with second-order variables which range over subsets and relations defined 
over the domain, and quantification over such variables. As usual, we use uppercase 
letters X,Y, Z, . . . to denote second-order variables and lower case letters x,y,z, . . . 
to denote first-order variables. The arity of the second-order variables that we use in 
our formulae is always clear from the context. See [10] or [3] for a formal definition 
of second-order logic in the context of finite model theory. We include an example of 
a second-order formula that defines a simple graph property instead. 

Example 2.1 

An undirected graph G is regular if all its vertices have the same degree. It is well 
known that the class of regular graphs is not definable in first-order logic [H [8] . In 
second-order logic, this class can be defined as follows: 

3A(yx{3B{Al A A2))) where 

• Al expresses "B is the set of vertices which are adjacent to x" . 
Al =Vz(B(z) ^E{x,z)) 

• A2 expresses "the sets A and B have the same cardinality" with a formula stating 
that there is a bijection F from A to B. 

A2 = 3Fyxyz{A2.1 A A2.2 A A2.3 A A2.4 A A2.5) where 

— A2.1 means "_F is a subset of A x B". 
A2.1 EE (F{x, y) A{x) A B[y)) 

— A2.2 means "F is a function" . 
A2.2 = {F{x, y) A F{x, z) y ^ z) 

— A2.3 means "i^ is total" . 
k22={A{x)^3y{F{x,y))) 

— A2.4 means "i^ is injective". 

A2.4 = {F{x, z) a F{y, z) ^ x = y) 

— A2.5 means "F is surjective". 
A2.5={B{y)-^3x{Fix,y))) 

We say that a sentence ip expresses a Boolean query q (or property) over finite 
relational structures of vocabulary a, if for every finite relational structure G of 
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vocabulary a, q{G) = true iff G ^ (ys. For instance the sentence in Example 12.11 
expresses the Boolean query: Is G a regular graph? We denote by Mod{(p) the class 
of finite cr-structures G such that G \= if. A class of finite cr-structures C is definable 
in a logic £, if C = M od{ip) for some ^-sentence if of vocabulary a. For instance 
the class of regular graphs is definable in second-order logic, as shown by the formula 
given in Example 12.11 

Next, we define the class of hypercube graphs using a relatively simple and elegant 
formula in third- order logic. This logic extends second-order logic with third-order 
variables which range over subsets and relations defined over the powerset of the 
domain, and quantification over such variables. We use uppercase calligraphic letters 
X ,y, Z, . . . to denote third-order variables. A formal definition of higher-order logics 
in the context of finite model theory can be found in [7 among others. 

Example 2.2 

An n-hypercube (or n-cube for short) Q„ can be defined as an undirected graph whose 
vertices are all the binary n-tuples. Two vertices of Qn are adjacent iff they differ 
in exactly one bit. A 1-cube Qi, a 2-cube Q2 and a 3-cube Q3 are displayed in 
Figure 2.1. 

We can build an (n -I- l)-cube Q„+i starting with two isomorphic copies of an n- 
cube Q„ and adding edges between corresponding vertices. Using this fact, we can 
define in third-order logic the so called class of hypercube graphs, as follows: 

3C3e)(AlAA2AVGiVG2((C(Gi) AC(G2) AA3) ^ A4) A A5 A A6) where 

• Al expresses "C is a class of undirected graphs" . 

• A2 expresses "O is a total order on C" . 

• A3 expresses "Gi is the immediate predecessor of G2 in the order 0" . 

• A4 expresses "G2 can be built from two isomorphic copies of Gi by adding edges 
between the corresponding vertices" . 

• A5 expresses "the first graph in the order O is a Qi". 

• A6 expresses "the last graph in the order O is the input graph" . 

In turn, we can express A4 as follows: 
3Fi3F2 (A4.1 A A4.2 A A4.3 A yx{x £ dom{Gi) A4.4)A 
-^3xy{x, y G dom{Gi) A x y A A4.5)) where 

• A4.1 expresses "Fi and F2 are injective and total functions from dom{Gi) to 
dom(G2)". 
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• A4.2 expresses "the ranges of Fi and F2 form a partition of dom{G2)" ■ 

• A4.3 expresses "Fi and F2 are isomorphisms from Gi to the sub-graphs of G2 
induced by the ranges of Fi and F2 , respectively" . 

• A4.4 expresses "there is an edge in G2 which connects Fi{x) and F2{x)" . 

• A4.5 expresses "there is an edge in G2 which connects Fi{x) and i^2(2/)"- 

Note that, if there is an edge (a, b) in G2 such that a belongs to the range of Fi 
and b belongs to the range of F2, or vice versa, then either F^^{a) = F2^{b) or 
F,-\b)=F,-Ha). 

The missing logic formulae in this example are left as an exercise for the reader. 

The property of a graph being an n-cube for some n, is known to be in NP. A 
nondeterministic Turing machine can decide in polynomial time whether an input 
structure G of the vocabulary a of graphs is an hypercube, by simply computing the 
following steps: 

i. Compute the logarithm in base 2 of the size n of the domain of the input structure 
G which must be a positive integer; 

ii. Guess a sequence si, . . . , s„ of n binary strings, each of length log2 n; 

iii. Check in polynomial time that all binary strings are unique, that the sequence 
contains all binary strings of length log2 n and that, for some ordering cis„ 
of the nodes in V, a string Si differs from a string Sj in exactly 1 bit iff there is 
an edge {as,, as-) G E'^. 

Thus, as we mentioned in the introduction, the full expressive power of third-order 
logic is not actually needed to characterize the class of hypercube graphs. In fact, 
there is a formula in 3S0 which can express this property. Recall that by Fagin's 
theorem [3], EJSO captures NP. However, it is very unlikely that there is a formula 
in second-order logic, not to mention in 3S0, that expresses the property in a way 
which is as intuitive and simple as in the example above. 

3 Arithmetic in Second-Order Logic 

We define in this section the basic arithmetic operations of addition, multiplication 
and exponentiation in second-order logic over finite structures. We encode initial 
segments of natural number as finite relational structures by using linear digraphs. 
Let G be a linear digraph. The first (root) element of the domain in the order 
determined by the edge relation E'^ represents the 0, the second element in this 
order represents the 1, the third element represents the 2 and so on. Since in a linear 
digraph, E*^ is the successor relation, for clarity we use succ{x,y) to denote E{x,y). 
We also use x — n where n > to denote the formula of the form 

3?/(succ(y, x) A 32;(succ(x, y) A 3y(succ(?/, x) h ■ ■ ■ t\ ip) ■ ■ ■)) 

with n nested quantifiers and = -i3x(succ(x, y)) if n is odd or 1^9 = -i3y(succ(j/, x)) 
if n is even. Likewise, a; = denotes -i3y(succ(?/, x)). We assume a total order < of 
the nodes in V such that x < y iff there is a path from a; to y in G or a; = y. This 
total order is easily definable in second-order logic. 
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Figure 3.2: Multiplication 



Let us start by defining the operation of addition. The strategy is depicted in 
Figure 3.1 in which we show the resuh z of adding x and y along a Unear graph. 

The predicate swa.{x,y,z), which is true \S. z = x + y, can be defined in second- 
order logic as follows. 

{x = QAz = y)y{y = QAz = x)v 

(a; ^ A 2/ ^ A 3F(A1 A F{z, y) A 3x'y'{ succ(a;, x') A F(x' , y') Ay' = 1)A 

Wy'x'Yii succ{x',y')AF{x',x")AF{y',y")) ^ succ{x" ,y")))) 

where Al expresses "_F is an injcctive function with domain {n €E V | succ(x) < n < 
z}" . It is an easy and supplementary task to write the actual formula corresponding 
to Al. For the sake of clarity, we avoid this kind of supplementary details from now 
on. 

The next arithmetic operation that we define is multiplication. The strategy is 
depicted in Figure 3.2 in which we show the result z of x times y. Each of the nodes 
in the subset S = {2, . . . , .x} can be considered as a root of a different ordered tree in 
a forest. Each root node in the forest has y children and the result z is the last child 
of node x. 

The predicate times(a;, y, 2;), which is true if z = x x y, can be defined in second- 
order logic as follows. 

[x = lAy^OAz = y)W{y = lAx^OAz = x)\/{{x = 0\/y = 0)Az = 0)V 
(a;7^0At/7^0Aa;^lAy^lA 
3S{\/u{{{2 <uAu<x)^ W{S{u, y'))A 

Wy'{{x' <y' Ax' y^y' A S(u, x') A S(u, y')) 

-'3z'{x' <z'Az'<y'A ^S{u, z')))A 
3i^(Al) AA2aA3AA4])a 
A5 A yuv{S{u, v) ^ {2 < u Au < x)))) where 

• Al expresses "F is a bijection from {n G F | S{u, n)} to {n G V \ 1 < n < y}, which 
means that the output degree of u is y" . 

• A2 expresses "if u = 2 then the first child of u is succ(y)" . 
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Z — X X x'* 



Figure 3.3: Exponentiation 



• A3 expresses "if u = x then the last child of u is z" . 

• A4 expresses "if u =^ 2 then succ(c„_i, c„) for c„_i the last child of it — 1 and c„ 
the first child of u" . 

• A5 expresses "the input degree of every node in S* is < 1" . 

Finally, we need to define the arithmetic operation of exponentiation in second- 
order logic. In this case, the strategy is depicted in Figure 3.3. Note that, the first 
node in the linear digraph is x^ , the second node is x^ , and so on till node y-th (the 
final node) which is x^. 

The predicate exp{x,y,z), which is true if z = x^, can be defined in second-order 
logic as follows. 

(xy^0Ay = 0Az = l)V(2/ = lAz = a;)V(x = lAz = l)V 
> 2 A y > 2 A 3V'E'{Al A 3F(A2)A 

yu{^V'{u) V (m = a; V 3x'{E'{x', u) A tinies(a;, x' , w)))))) where 

• Al expresses ^^{V',E') is a linear digraph whose first (root) node is x and whose 
last (leaf) node is z" . 

• A2 expresses "i^ is a bijection from V to {!,...,?/}, i.e., \V'\ — y" ■ 



4 Hypercube Graph in Second-Order Logic 

We describe in this section two different strategies to define in second-order logic 
the class of hypercube graphs. The first strategy is based in the usual definition of 
Hypercube graph which identifies the nodes of the graph with binary strings. This 
definition was explained and expressed by means of a third-order logic formula in 
Example l2.2l The second strategy is based in the following definition: An n-hypercube 
graph is a graph with 2" nodes, which correspond to the subsets of a set with n 
elements. Two nodes labelled by subsets Si and Sj are joined by an edge if and only 
if 5*^ can be obtained from Sj by adding or removing a single element. The first 
strategy resulted in a more cumbersome formula than the formula produced by the 
second strategy. However, the descriptive complexity of the formula produced by this 
latter strategy is higher. 



4-1 First Strategy 

The idea is to use binary encodings to represent each node in the graph, and then 
to compare the binary encodings of two connected nodes to identify whether they 
differ exactly in 1 bit. Following a top down approach to the problem, we start with 
a very general schema of the formula and then we explore the main sub-formulae 
involved in the solution. We aim for a good balance between level of detail and 
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clarity of presentation. Consequently, we leave out of the presentation some trivial 
sub-formulae which are not central to the general strategy. 

Let G be an undirected graph with \V\ = n. The following second-order formula 
is satisfied by G iff G is an m-hypercube graph for some m. 

ipi = 3< (Al A3F3m{A2 A\/xy{E{x,y) o A3) A A4)) where 

• Al expresses "< is a total order of the domain V of G". 

• A2 expresses "F is a bijection on V" . 

• A3 expresses "The binary encodings of F{x) and F{y) have both length m and 
differ exactly in one bit" . 

• A4 expresses "There is a node whose binary encoding contains no zeros" . 

The total order < is used to identify each individual node of V . Thus, we can 
assume that V = {0, ...,n — 1}. This is needed for the binary encoding of the 
nodes in V, as it will become clear latter on. It should be clear how to express Al 
and A2 in the language of second-order logic. Thus we concentrate our effort in 
explaining the strategy to express A3. Finally, note that A4 means that all binary 
encodings (of length m) correspond to some node in V ^ which implies that the number 
of nodes of G is a power of 2, and also that m = logg n. A sub-formula that expresses 
A4 can be easily built by using the same ideas that wc use for A3 below. That 
is, we can existentially quantify for some node z, a linear digraph {Vz,Ez) and a 
Boolean assignment which assigns 1 to each node, and such that the binary string 
represented by {Vz,Ez,Bz) is the binary encoding of F{z). 
The following formula expresses A3. 

3Va;E,j;VyEyB^By (A3.1 a A3.2 A A3.3 A A3.4 A A3.5A 
3G(A3.6A 

yuv{{E^{u,v) -)■ 3u'v'{G{u,u') AG{v,v') AEy{u' ,v')))A 
{Ey{u, v) 3u'v'{G{u', u) A G{v', v) A E^{u', v'))))A 
3vyv'{{A3.7 -> i-V v)A 

(A3.8 ->-v' = v)))) where 

• A3.1 expresses "{Vx, Ex) and (Vy. Ey) arc linear digraphs". 

• A3. 2 expresses "B^ is a function from Vx to {0, 1}". 

• A3. 3 expresses "By is a function from Vy to {0, 1}". 

• A3. 4 expresses ''{Vx,Ex,Bx) is the binary encoding of 

• A3. 5 expresses '^{Vy,Ey,By) is the binary encoding of F{y)" . 

• A3. 6 expresses "G is a bijection from Vx to Vy" . 

• A3. 7 expresses "Bx{v') = By(G{v')y . 

• A3.8 expresses ''Bx{v') ^ By{G{v')y . 

To complete the picture, we need to explain how to write A3. 4 and A3. 5 in the 
language of second-order logic. Since both can be expressed in second-order logic in 
a similar way, we only show the formula for A3.4. Let xi be the z-th node in the 
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linear graph (V^, -Ex) defined in the previous formula. We say that {V^, E^, B^) is the 
binary encoding of F{x) if 

^'(a;) = 61 X 2™-i + 62 X 2'"-2 + . . . + 6^ x 2°, where hi = B^{xi). 

In second-order logic, we use a function Wx which assigns to each node xi in Vx its 
corresponding value hi x 2™^* in the encoding. This function is depicted in Figure 4.1. 
The following formula defines the encoding. 

3Wx IxTixViv Va;' (A3. 4.1 A 

Mss' qq'{{Ex{s,q) Mx{s,s') Mx{q,q')) succ(s', 
A3.4.2 A A3.4.3 A Ix{w, m)A 
3V' E' vi V2 w[A3.4.4 A A3.4.5A 
Vw(-.F'(u) V {{u = vi ^ u = 0) A{u = V2 ^ u ^ 1) A{u = w ^ A3.4.6)A 

{{u^viAu^ V2) ^ 3y'{E'{y', u) A A3.4.7)))) A 
Vx{x') [(A3.4.8) V (A3.4.9 A3t{Wxix',t) A A3.4.10))]A 
A3.4.11 A A3.4.12]) where 

• A3. 4.1 expresses "Ix is a bijection from I4 to {1, . . . 

• A3. 4. 2 expresses "f and w are the first and last nodes of {Vx,Ex), respectively". 

• A3.4.3 expresses 1)". 

• A3.4.4 expresses ^^{V',E') is a linear graph". 

• A3. 4. 5 expresses "vi,V2 and w are the 1-st, 2-nd and last nodes in {V',E'), respec- 
tively" . 

• A3.4.6 expresses "exp(2,m — l,u)". 

• A3.4.7 expresses "times(2,y',u)". 

• A3.4.8 expresses "Bxix') = 0" A 'W^(x') = 0". 

• A3. 4. 9 expresses "Bx{x') = 1" A "sum(nx, /a:(a;'), m)" . 

• A3. 4. 10 expresses "exp(2, n^;, i)" 

• A3.4.11 expresses "F(x) = Wx{xi) + Wx{x2) + • • • + Wx{xm) for Xi the i-th node 
in {Vx,Exr. 
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• A3.4.12 expresses "W^ is a function from to V" . 

Finally, we note that A3. 4. 11 can be expressed as follows. 

3?7^(A3.4.11.1 AVa;'(^y^(a;') V (A3.4.11.2 A A3.4.11.3A 

(A3.4.11.4-)- 3a;"(i;^(a;",a;') A A3.4.11.5))))) where 

• A3. 4. 11.1 expresses "J/x is a function from 14 to V" . 

• A3.4.11.2 expresses "if cc' is the first node in (V^,E^) then U:rXx') = W^{x'y . 

• A3. 4. 11. 3 expresses "if .x' is the last node in (Vx^Ex) then Ux{x') = F{x)'" . 

• A3. 4. 11. 4 expresses "x' is not the first node in 

• A3.4.11.5 expresses ''s\xui{U^{x"),Wx{x'),Ux{x')Y . 

4-2 Second Strategy 

The second strategy to define the class of hypercube graphs can be described in two 
steps. 

i. To identify every node x in the input graph G with a different subset Sx of a set 
V C y of cardinality logj \ V\, making sure that every subset of V is assigned to 
some node of G. 

ii. To check that for every pair of nodes x and y in G, there is an edge between x 
and y iff can be obtained from Sy by adding or removing a single element. 

In second-order logic we can express this strategy as follows. 

ip2 = 3E(3y'(Al A VS'(A2 {3x{A3 A A4))) A 3z{A5))a 
yxy{{E{x,y) A E{y,x)) ^ A6)) 

where 

• Al expresses "F' C F A V 9^ 0" . 

• A2 expresses "SCV AS^ 0". 

• A3 expresses "x is identified with S via i?" . 

A3 = yv{R{x,v) ^ S{v)) 

• A4 expresses "no other node y ^ x can be identified with S via R" . 

A4 = -n3y{x + yA 'iv{R{y, v) ^ S{v))) 

• A5 expresses "all nodes, with the only exception of node z, are identified with 
some nonempty subset of V via R" . 

A5 = -n3v{R{z,v)) A Vz'(z ^ z' ^ 3S{A5.1 Ayv{R{z' ,v) o S{v)))) where 
- A5.1 expresses "S" ^ A C y'". 

• A6 expresses "the set identified with x can be obtained from the set Sy identified 
with y by adding or removing a single element" . 

A6 = 3v{{{R{x,v) A ^R{y, v)) V {R{y, v) A -^R{x,v)))a 

yv'{v' T^v^ {R{x,v') o R{y,v'))) 
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Remark 4.1 

The formula ip2 that expresses the second strategy has a prefix of second-order quan- 
tifiers of the form BRBV'VS. Thus, it is in the class Ej. The existence of a formula 
in Ti\ that expresses this second strategy is unlikely, since we must express that every 
subset S is identified with some node in the graph. On the other hand, the formula ipi 
that expresses the first strategy, while considerably more cumbersome than ip2, only 
uses existential second-order quantifiers and can be translated in a rather straight- 
forward way into an equivalent formula. That is, we could transform the current 
quantification schema of the form 

yxy{3V,'ElBlVy'E'yBl . . . BW^U^W^U^ ...), 

where the superindices added to the relation variables denote their arity, into an 
schema of the form 

{BV^ElBlVy^E^Bf^ . . . IW^MW^Ul . . . ) , 

where the prefix "Vxy" is eliminated and the arity of every relation variable is in- 
creased in 1, so that we can incorporate all nodes. Thus, for instance, every set 
corresponding to some node a; in a graph G is now encoded in the binary relation 

in such a way that = {y\[x,y) S V^}. Then, we can simply express that the 
set {x\{x,y) S V^} contains every node in the graph G. Moreover, we can now omit 
Vy, Ey, By, Wy 3,11(1 Uy , siucB for Bvcry pair of nodes x and y, their corresponding sets 

and Vy will be both encoded into the binary relation V^, and something similar 
will happen for the relations E, B, W and U. 

This is an important consideration since by Fagin-Stockmeyer characterization of 
the polynomial-time hierarchy [13] E} captures NP while Ej captures NP^^. 

5 Quantified Boolean Formulae 

A Boolean variable is any symbol to which we can associate the truth values and 1. 
Let y be a countable set of Boolean variables. The class of Boolean formulae over V 
is the smallest class which is defined by: 

• The Boolean constants and 1 are Boolean formulae. 

• Every Boolean variable a; in 1/ is a Boolean formula. 

• If and ip are Boolean formulae then {(p f\ ip), ((^ V tjj) and -^{ip) are Boolean 
formulae. 

The semantics of the Boolean formulae is given by the well-known semantics of the 
propositional logic. 

A quantified Boolean formula over V, as defined by the influential Garey and John- 
son book on the theory of NP-Completeness [6], is a formula of the form 

Q1X1Q2X2 . . . (3„a;„((^), 

where (/? is a Boolean formula over V, n > 0, xi, . . . ,Xn G V and, for 1 < « < n, 
Qi is either "3" or "V". A variable that occurs in the Boolean formula but does 
not occur in the prefix of quantifiers is called a free variable. We call QBE the set 



Expressing Properties in Second and Third Order Logic 13 

of quantified Boolean formulae without free variables. As usual, for A: > 1, QBF^. 
denotes the fragment of QBF which consists of those formulae which start with an 
existential block and have k alternating blocks of quantifiers. Let X c V he & finite 
set of Boolean variables, we assume w.l.o.g. that a formula in QBFj. over X is of the 
form 

3x1^x2 . . . Qxk{ip), 

where for 1 < i < k, Xi = {xn, . . . ,Xii^) is a vector of k diff'erent variables from X, 
3xi denotes a block of k quantifiers of the form 3x^1, . . . , Bxu. , \/xi denotes a block of 
li quantifiers of the form Vxji , . . . , '^Xil^ , (p is a (quantifier free) Boolean formula over 
X, Q is "3" if k is odd and "V" if k is even, and the sets Xi,. . . ,Xk of variables in 
Si, ... , Xk, respectively, form a partition of X. 

We define next the notion of satisfiability of quantified Boolean formulae. But first 
we introduce the concept of alternating valuations which uses rooted binary trees 
to represent all possible valuations for a given formula, and paths from the root 
to the leaves of such trees to represent individual valuations. This unusual way of 
representing valuations is motivated by the way in which we express in second-order 
logic the satisfiability problem for the classes QBF^^. 

Let Ty be a rooted binary tree of vocabulary ctt^ = {E,B,0, 1}. That is, T„ is 
a maximally connected acyclic digraph in which every vertex has at most two child 
vertices and, except for the root, has a unique parent. Here, and 1 arc constant 
symbols which are interpreted as truth values and B'^" is a total function which 
assigns a truth value O'^'' or l'^" to each vertex in V. We say that T„ is an alternating 
valuation if the following holds: 

• Every leaf of T„ is at the same depth d. 

• All vertices at a given depth, i.e., in the same level, have the same out-degree. 

• If two vertices a,b € V are siblings, then B"^" (a) ^ B'^^ (b). 

Let if = 3x1^X2 ■ ■ ■ Qxk{ijj) be a formula in QBFj,, where Q is "3" if k is odd and 
"V" if k is even, and let Ij for 1 < j < fc be the length of the j-th alternating block of 
quantifiers. We say that an alternating valuation T„ is applicable to (p, if the depth 
of T„ is Zi -h \- Ik — I and for every 1 < i < h -\ h ife, it holds that: 

• All vertices at depth i — 1 have no siblings if 1 < i < li or I1 + I2 + I < i < h + h + h 

or • • • or li + I2 + \- Ik' -1 + I < i < h + I2 + \-lk', where k' = k ii the fc-th 

block of quantifiers is existential and k' = k — 1 otherwise. 

• All vertices at depth i — 1 have exactly one sibling if Zi + 1 < i < Zi + Z2 or 
h + h+ h + i <i <li+l2 + l3+k ov ■■■ or h + l2 + -- - + Iw-i + 1 < i < 
h+h + ■■ ■ + Ik"-, where k" = k ii the fc-th block of quantifiers is universal and 
k" = k — 1 otherwise. 

Let 7 = 3xiVx2 . . . Qxkip) be a formula in QBFj. over X, and let T^, be an alter- 
nating valuation applicable to 7. A leaf valuation L„ is a linear subgraph of T„ of 
vocabulary ctt^ which corresponds to a path from the root to a leaf in . Let v be 
a mapping from the set of variables X to {0, 1}, i.e., a Boolean assignment, such that 
for Xi G X the i-th variable in the prefix of quantifiers of 7, it holds that v{xi) = 1 iff 
B^''{ni) = 1^" for tii the i-th node in the linear order induced by E^''. We say that 
liy satisfies 7, written L„ |= 7, if the Boolean assignment v satisfies (p. That is, if ip 
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is a Boolean variable Xi in X, then L.y |= if v(xi) = 1: ii ip = -^{ip), then L^, |= if 
Ly ^ ip (i.e., if it is not the case that ^ tp); ii (p = {ip V a), then ^ if either 
Li, 1= -0 or L„ 1= a; and ii ip — (?/; A a), then ^ (/s if both li^ \= and Li, ^ a. 
Finally, we say that the alternating valuation T^, satisfies 7 if every leaf valuation L^, 
of Ti, satisfies 7. 

A Boolean formulae ip in QBF^ is satisfiable if and only if there is an alternating 
valuation T^, which satisfies (p; otherwise (p is unsatisfiable. SATQBF;. is the set of 
QBFj. formulae that are satisfiable. SATQBF = [j^,^^ SATQBF;.. 

It is well known that SATQBFj, is complete for the level Ej^. of the polynomial- 
time hierarchy (see [6l [1] among others sources). It is also well known that second- 
order logic captures the polynomial-time hierarchy. In fact, there is an exact cor- 
respondence between the prenex fragments of second-order logic with up to k al- 
ternations of quantifiers Sj. and the levels of the polynomial time hierarchy 
[T3] . Thus, for every k, SATQBFj, can be defined in second-order logic, in fact, 
it can even be defined in S^. Regarding SATQBF, we note that it is PSPACE- 
complete [13]. Since existential third-order logic captures NTIME(2"'"'^' ) (see [7]) 
and PSPACE C DTIME(2"°'") C NTIME(2"'"" ), we know that SATQBF can be 
defined in existential third-order logic. In the following sections we present a second- 
order formula that defines SATQBFk and a third-order formula that defines SATQBF, 
respectively. 

6 SATQBFk in Second-Order Logic 

Following a top-down approach, we present a detailed construction of a second-order 
formula that defines SATQBF^.. But first, we need to fix an encoding of quantified 
Boolean formulae as relational structures. 

There is a well-known correspondence between words and finite structures. Let A 
be a finite alphabet and let tt{A) be the vocabulary {<} U {Ra ■ a e A}, where < is a 
binary relation symbol and the Ra are unary relation symbols. We can identify any 
word V = ai . . . Gn iri A* with a 7r(A)-structure B, where the cardinality of B equals 
the length of w, <^ is a total order on B, and, for each Ra G tt{A), R^ contains the 
positions in v carrying an a, 

Rf = {be B : for some j (1 < j < n), 

b is the j-th element in the order <^ and aj — a} 

Such structures are usually known as word models for f ([3]). As any two word models 
for V are isomorphic, we can speak of the word model for v. 

Note that we can represent Boolean variables of the form Xn by using a symbol 
"X" followed by a sequence of n symbols "|". For instance, we can write for X3. 
Thus using word models, every quantified Boolean formula ip can be viewed as a finite 
relational structure of the following vocabulary. 

vr = {<, P^, Pv, /'a, Pg, Pv, P(, P), Px, P|} 

Example 6.1 

If ip is the quantified Boolean formula 3a;iVa;2((~ia;i) V X2), which using our notation 
for the variables corresponds to ElX|VA'||((-iX|) VX||), then the following 7r-structure 
Gip (note that G;^ is a linear graph) where dp = {1, . . . , 18}, is a total order 
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on G^, P^^ = {10}, P^^ = {14}, = 0, P^-' = {1}, - {4}, P^^ = {8,9}, 
P^*- = {13, 18}, P^*^' {2, 5, 11, 15}, P^'' = {3, 6, 7, 12, 16, 17}, encodes ip. 



We show next how to build a second-order logic formula (Psatqbf^ such that, given 
a relational structure G^p of vocabulary tt, it holds that Gip |= Vsatqbf^ 

iff the 

quantified Boolean formula ip represented by Gip, is satisfiable. That is, we show 
next how to build a second-order formula (/Jsatqbf^ of vocabulary tt that defines 
SATQBFj.. As mentioned earlier, we follow a top-down approach for the construction 
of this formula. At the highest level of abstraction, we can think of (^satqef^ as a 
second-order formula that expresses the following: 

"There is an alternating valuation T„ applicable to (p that satisfies ip" . (A) 

Recall that an alternating valuation T„ satisfies (p iff every leaf valuation L„ of 
satisfies the quantifier-free part ip' of (p. Also recall that every leaf valuation 
corresponds to a Boolean assignment v. Thus, ii tp ^ 3xi\fx2 ■ ■ ■ Qxki^p'), where for 
1 < i < k, Xi — {xii, . . . , Xii-), Q is "3" if k is odd and "V" if k is even, Xi, . . . , X/j 
are the set of variables in xi , . . . , a;^ , respectively, and ip' is a (quantifier free) Boolean 
formulae over X = Xi U • • • U Xk , then the expression in (j^ can be divided in two 
parts: 

AVSl (Alternating Valuation that Satisfies tp, Part 1) which expresses 
"There is a partial Boolean assignment vi on Xi, 



AVS2 (Alternating Valuation that Satisfies ip, Part 2) which expresses 

"The Boolean assignment v — vi U V2 U ■ ■ ■ D satisfies the (quantifier free) 
Boolean formula (p'" . 

For each partial Boolean assignment Vi (1 < i < fc), we use a second-order variable 
Vi of arity one and two second-order variables Ei and Bi of arity two, to store the 
encoding of each Vi as a linear graph Gi = (Vi, Ei) with an associated function Bi : 
Vi — ?> {0,1} (see Figure 6.1). Correspondingly, we use a second-order variable Vt of 

3 linear graph Gi V linear graph G2 3 linear graph G3 ... Q linear graph Gfc 



such that for all partial Boolean assignments V2 on X2, 



there is (or "for all" if k is even) a partial Boolean assignment Vk on X^" ■ 







o 





G2 G3 



Gfc 



Gi = {Vi,Ei) 



G2 = 



{V2,E2) 



Gk — (Vfc, Ek) 



Figure 6.1 



arity one and two second-order variables Et and Bt of arity two, to store the encoding 
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of each Boolean assignment v (leaf valuation T^,) as a linear graph Gt = (Vf , Et) with 
an associated function Bt : Vt ^ {0, 1}. Figure 6.2 illustrates an alternating valuation 
applicable to ip and its corresponding encoding. 

32;il3i;i23i;i3 • ■ ■ 3xii-^\fX2lVx22'^X23 ■ ■ ■ VX2I2 32;3l32;3232;33 ■ • ■ 3a;3l3 ■ ■ ■ QxklQxk2Qxk3 ■ ■ ■ Qxkl^ {f>') 




0/1 C/i U2 U3 ■■■ Uk 

Figure 6.2 



In the next subsection we describe the process followed to build a second-order 
formula to express Statement AVSl. Then we describe in Subsection 16.21 the corre- 
sponding process for Statement AVS2. 

6.1 Expressing Statement AVSl 

Let and k\/ be the index of the last existential quantifier block and the last universal 
quantifier block, respectively, in the prefix of k blocks of quantifiers of (p. We can 
express Statement AVSl as follows: 

3V1E1B1W2E2B2 ■ ■ ■ QkVkEkBk3VtEtBtUi,U2, . . . , Uk(^Al A A2 A A3 A A4 A ASA 

((A6 A A7 A A8 A A9 A AlO A All) ^ AVS2)) where 

• Al expresses "Gt = {Vt,Et) is a linear graph". 

• A2 expresses "The length of Gt equals the number of variables that appear in the 
prefix of quantifiers of (ys" . 

• A3 expresses "Gi = {Vi,Ei),G3 = (V2, -E2 ),••■, Gfc^ = (Vfeg,^/:^) are linear graphs". 

• A4 expresses "Bi : Vi {0, 1}, 53:^3-^ {0, 1}, . . . , Bk^ : Vk^ {0, 1} are total 
functions" . 

• A5 expresses "The lengths of the linear graphs Gi , G3 , . . . , Gk^ equal the lengths of 
their corresponding blocks of quantifiers in (/?" . 

• A6 expresses "Vi, V2, ■ ■ ■ ,Vk are pairwise disjoint sets". 

• A7expresses "G2 = {V2, E2),G4 = {V4,E4), . . . ,Gk^ — {Vk^,Lk^) are linear graphs" 
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• A8 expresses "B2 : V2 {0, 1}, B4 : ^ {0, 1}, . . . , Bk^ : Vk^ {0, 1} are total 
functions" 

• A9 expresses "The lengths of the linear graphs 6*2, G4, . . . , Gk^ equal the lengths of 
their corresponding blocks of quantifiers in ip" . 

• AlO expresses "Ui is a total injection from Gi to the first part of Gt and U2 is a 
total injection from G2 to the second part of Gt ... and Uk is a total injection from 
Gk to the fc-th part of Gt" . 

• All expresses "i?t : Vt — > {0, 1} is a total function that coincides with Bi, B2, ■ ■ ., 
Bk". 

• AVS2 expresses Statement AVS2 as described in Subsection 16.21 

Next, we discuss how to write the sub-formulae Al-All in second-order logic. 

Al. This is expressed by the auxiliary formula LINE AR{Vt, Et), which is defined in 
Subsection 16.31 below. 

A2. This is implied by the following statement which is expressed in further detail in 
Subsection EXT] (A). 

"There is a partial surjective injection Vp from the quantifier prefix of if to Gt-, 
which maps every X in the prefix to its corresponding node in Gt, and which 
preserves <*^'^ and Et\ 
A3. LINEAR(l/i,£;i) A LINEAR(l/3, £;3) A ■ • • A LINE AR{Vk ^, Ek^), where the sub- 
formulae LlNEAR{Vi, Ei) are as defined in Subsection 16.31 

A4. Vt,p,p'( A,=i,3....,fe, (A4.1 A A4.2 A A4.3)) 

• A4.1 expresses "Bi is a function". 
A4.1 = m{t,p) A B,{t,p')) -^p = p') 

• A4.2 expresses "Bi is total". 
AL2={V,{t) ^3p{B,it,p))) 

• A4.3 expresses "the range of Bi is {0, 1}". 
A4.3= -> (p= 1 Vp = 0)) 

where p = and p = 1 have the obvious meaning and are defined in Subsec- 
tion |631 
A5. If fcg ^ fc, then 

Ai,3,....fc3 {^L'viV2...Vk^Vk^+i{ak^ AC,)) 

where ak^ is the formula template ai instantiated with i = k^. 
If fcg = fc, then 

( Ai,3,...,fc3-2 {^L'viV2 ■ ■ ■Vkj-i{akj_2 A CO)) A3L'viV2 ■ ■ - VkVeiPi A/32 A/33) 

where akj-2 is the formula template ai instantiated with i — — 2 (Note that 
fca — 2 is the previous to the last existential block, and the subformulae /3i , P2 and 
/33 take care of the last block of quantifiers). 

Next, we define the subformulae ai, /3i Q, (32 and (3^ in the listed order. For their 
definitions we use an auxiliary formula PATII<(a;,y) which is in turn defined in 
Subsection 16.31 below, and which expresses "the pair {x,y) is in the transitive 
closure of the relation <" . 
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The subformula ai is satisfied if, for I < j < i, vj is the position of the first 
quantifier of the j-th block (when i is not the last block of quantifiers). 

ai = (P^ivi) A P^{v2) A ... A Pgivi+i) A -n3x{x ^ vx Ax < vi)A 

PATH<(t;i, W2) A PATH<(t;2, W3) A • ■ • A PATH<(w„ w,+i)A 

^3x(PATH<(wi,x) A PATH<(a;, ua) A a; 7^ -yi A a; 7^ -^2 A Pv{x))A 

^3a;(PATH<(t;2, a;) A PATH<(x, ^73) A a; 7^ A a; 7^ U3 A Pa (a;)) A 

...A 

^3x(PATH<(w,, x) A PATH< (x, v,+i) A x Vi A x Vi+i A Pq{x))) 
where Pq is Py if i is odd or P3 if i is even. 

The subformula /3i is satisfied if, for 1 < j < i, Vj is the position of the first 
quantifier of the j-th block. 

/3i = {Pb{vi) a fV(w2) A ... A Pl{vk) A P^ive) A ^3x{x < Vi)A 
PATH<(t;i,W2) A PATH<(u2,W3) A ■ • ■ A PATH<(wfe,We)A 
-.3a;(PATH<(wi,a;) A PATH<(a;,W2) Aa;7^t;iAa;7^t;2A P,'(a;))A 
-.3a;(PATH<(t;2,a;) A PATH<(a;,W3) Aa;^t;2Aa;7^t;3A P3(a;))A 
...A 

-.3a;(PATH<(wfe,a;) A PATH<(a;,Ue) Ax^VkAx^VeA P2{x))) 

where PI is Pg if k is odd or Py if A; is even, and P2 is Py if fc is odd or Pg if k is 
even. 

When i is not the index of the last block of quantifiers, the subformula Q is 
satisfied if L' is a bijection from the indices of the symbols X in the z-th alter- 
nating block of quantifiers to Vi, which preserves Ei and Nextx = {(ii^) e<*^'' 
I a and b are indices of symbols in the i-th blockAPx(a) APx(6) AVc((a < cAc < 
b) — )• -iPx(c))} (i.e., the order of appearance of the X's in the t-th block of quan- 
tifiers in the prefix of (p). This is illustrated in Figure 6.3. Recall that we encode 
in Gi = {Vi, Ei, Bi) a partial truth assignment for the variables in the i-th alter- 
nating block of quantifiers. 

Ci = (A5.1 A A5.2 A A5.3 A A5.4 A A5.5) where 

• A5.1 defines the "domain of L'". 

A5.1 = Vx((PATH<(u„.T)APATH<(a;,t;i+i)Ax 7^ Vi+xAPx{x)) ^ 3y{L'{x,y))) 

• A5.2 expresses "X' is surjective". 




A5.3 = ysts't'(^{L'{s,t) A L'{s',t') A s ^ s' A PATH<(u,,s) A PAT}i<{s' ,Vi+i) 
APATH<(s, s') A ^3z(PATH<(s, z) A PATH<(z, s')A 




• A5.4 defines the "range of L'". 

A5A = yxy{L'{x,y)^Vi{y)) 
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• A5.5 expresses "i' is a function". 

A5.5 = Vxyz((L'(x, y) A z)) y = z) 

The subformula [32 is satisfied if L' is a bijection from the indices of the symbols X 
in the fc-th alternating block of quantifiers to 14, which preserves Ek and Nextx 
(i.e., the order of appearance of the AT's in the k-th block of quantifiers in the 
prefix of ip). 

h = (A5.1' A A5.2' A A5.3' A A5.4' A A5.5') where 

• A5.1' defines the "domain of L'". 

A5.1' = Va;((PATH<(i;fe,a;) APATH<(a;,t;e) APx(a;)) o y))) 

• A5.2' expresses "L' is surjective". 



A5.2' = yy{Vk{y) ^ 3z{L'{z,y))) 
• A5.3' expresses "L' preserves Nextx and E^' which implies injectivity. 
A5.3' = 'ists't'(^{L'{s, t) A L'(s', t') A s ^ s' A PATH<(t;fe, s) A PATH<(s', v^) 
APATH<(s, s') A ^3z(PATH<(s, z) A PATH<(z, s')A 



• A5.5' expresses "L' is a function". 
A5.5' EE \lxyz{{L'{x, y) A L'{x, z)) ^ y = z) 

The last subformula is satisfied if Vf. is the last symbol "|" in the prefix of 
quantifiers of tp. We use SUC<(a;,y) to denote that x is the immediate successor 
of y in the total order <'^*'. The formula that expresses SUC<(a;, y) is defined in 
Subsection 16.31 



Vu'(PATH<(i;e,i;') ^ {^P^{v') A -PvK)))a 

^xyuNv' {Px (x) A Pq {w) A SUC< (x, y) A SUC< (w, x) A PATH< (y, Ve) A 



A6. Let V^r^VJ = denote Va:((Vi(a;) ^ -l^j(a;)) A (y,-(a;) ^ -^V^{x))), we can express 
that Vi,V2, ■ ■ ■ ,Vk are pairwise disjoint sets as follows. 

(Vi n 1^2 = 0) A (Vi n ^3 = 0) A (v^i n ^4 = 0) A • • • A {Vi r\Vk = 0)a 
(v^2 n V3 = 0) A (^2 n V4 = 0) A • • • A (V2 n Vfe = 0)a 
... A [Vk-i n 14 = 0) 

A7. LINEAR(y2, £^2) A LINEAR(V^4, £^4) A • • • A LINEAR(Vfc^, E^fc^), 
where LINEAR(Vi, S^) is as defined in Subsection 16.31 




• A5.4' defines the "range of L'" . 
A5A' = 'ixyiL'{x,y)^Vk{y)) 



/33 = (Vz;'(SUC<(i;e,«') ^P\{v')) A P\{v,)A 



((PATH<(t-',t-e) APATH<(tj,i;')) ^ P|K)))) 



where Pq is Pg if k is odd, or P/ if /c is even. 




(A8.1 A AS. 2 A A8.3) ) where 
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Figure 6.3 



• A8.1 expresses "Bi is a function". 
A8.1 EE {{B,{t,p) A B,{t,p')) -^p = p') 

• A8.2 expresses "Si is total". 
k^.2={V■Xt)^MB^{t,p))) 

• AS. 3 expresses "the range of Bi is {0, 1}". 
A8.3= ^ (p= 1 Vp = 0)) 

where p — Q and p — 1 have the obvious meaning and are defined in Subsec- 
tion [Oj 

A9. If fcv ^ k, then 

A2,4,....fcv ■ . .Wfcvffev + lla/cv A Ci)) 

where is the formula template on instantiated with i — k\/. 
If fcv = fc, then 

( A2,4,...,fev-2 (3L'W1W2 ■ • ■Wfev-l("fev-2 ^Ci))) A 3L'wit>2 . . .WfeWelA A/32 A/^a) 

where is the formula template ai instantiated with i = ky — 2 (Note that 

fcv — 2 is the previous to the last universal block, and the subformulae /3i , (32 and 
/?3 take care of the last block of quantifiers). 

The subformulae a^, Ci, /3i, /32 and are the same as in (A5). 

AlO. (aIO.1 A A2<.<fe_i (Al0.2.i) A AIO.3) where 

• AlO.l expresses "C/i is a total injection from Vi to Vt such that: (a) preserves 
El and Et and (b) i7i( "first node in the order i?i") = "first node in the order 
Er\ 

• A10.2.i expresses "C/^ is a total injection from Vi to Vt such that: (a) preserves 
E^ and Et and (b) f7^( "first node in the order Ei') = SUCs,(J7^_i("last node 
in the order £:i_i"))". 

• AlO. 3 expresses "J7fe is a total injection from Vk to Vt such that: (a) preserves 
Ek and Et and (b) ?7fc( "first node in order Ek') = SUC£;j(C/fc_i("last node in 
order Sfc_i"))". 

We describe next the second-order formula for AlO. 3 which is in turn illustrated 
in Figure 6.4. Note that the node labeled x in Figure 6.4 corresponds to the last 
node in the linear graph Gk-i and that x is mapped by the function Uk-i to the 
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node labelled y in the linear graph Gi. Accordingly, Uk maps the first node in 
the linear graph Gk (i.e. the node labeled u), to the successor of node y in Gt 
(i.e. to the node labelled t). 

A10.3 = Vxyto(A10.3.1 A AIO.3.2 A AIO.3.3 A AIO.3.4) where 

• AIO.3.1 expresses ''Uk is a total injection from Vk to 14". 

AIO.3.1 = {{Uk{x, y) A C/fc(x, t)) ^ y = t)A 
{{Uk{x, y) A Uk{u, J/)) -> X = '«)A 
{Vk{x)^3y{Uk{x,y)))A 
{Uk{x,y) ^ {Vk{x) AVt{y))) 

• AIO.3.2 expresses "preserves £^t" • 

AIO.3.2 = {{Uk{x, y) A C/fe(u, t) A Et{y, t)) Ek{x, u)) 

• AIO.3.3 expresses "preserves Ek' ■ 

AIO.3.3 = {{Ukix, y) A Uk{u, t) A Ek{x, u)) Et{y, t)) 

• AIO.3.4 expresses "f/fe("first node in order E^fe") = SUCBt(f/fe-i("last node in 
order iJfc.i"))". 

AIO.3.4 = {{Uk-i{x, y) A --3v{Ek-i {x, v)) A Et{y, t) A --3v{Ek{v, u) A Vk(,u))) 
Uk{u,t)) 



Gk- 




Figure 6.4 



All. \/xytpp'{{Bi{t,p) A C/i(i,y) A Bt(y,p')) ^ P = P')^ 
yxytpp'{{B2{t,p) A C/2(i,y) A Bt{y,p')) ^p = p')A 
...A 

yxytpp'{{Bk{t,p) A Uk{t,y) A Bt{y,p')) ^p = p') 



6.2 Expressing Statement AVS2 
Statement AVS2 can be rephrased as follows: 

3VpCEc ST Est M Ca Cv C( C) Ci Co i?^ (AVS2.1 A AVS2.2) where 

• AVS2.1 expresses "There is a Boolean expression </> which is obtained from the 
quantifier-free part of (p by replacing each occurrence of a variable by the cor- 
responding truth value in {0,1} assigned by the leaf valuation represented by 
{GuBtY. 
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3X\VX\\3X\\\...QX\\\---\{v'(X\,X\\,X\\\,...,X\\\---\)) 



Vq: Variable Occurrence 



Input Graph 3 X | V X | | 3 X | 

www 



Vp-. Variable Position 
Graph Gt 




(X\\ \ A I I V ...))) 



Sub Graph O — X) fcO 

0/1 0/1 

0: A quantifier free formula on: {(, ), A, V, ^, 0, 1} 
For instance: (((1 A (-nO)) V (1 A 0)) A . . . (. . .)) 

Figure 6.5 



• AVS2.2 expresses "The Boolean expression (p evaluates to true". 

We describe next how to express AVS2.1 and AVS2.2 in second-order logic. 

6.2.1 Expressing AVS2.1 

The idea is to define mappings to represent the relationships among the input graph 
G;^, the graph Gt and the quantifier-free part of the input formulae. This is illustrated 
in Figure 6.5. We can express AVS2.1 as follows: 

AVS2.1 = AAB AC where 

• A expresses "V^ is a partial bijection from the prefix of quantifiers of ip (restricted 
to the X's that appear in the prefix) to Vt, which maps every X to its correspond- 
ing node in Gt, and which preserves <*^*' and Et" ■ 

A = yxyz{Al A A2 A A3) A Vsis'i' (A4) where 

— Al expresses "Vp is a function" . 

Al = {{Vp{x,y) A Vp{x,z)) y = z) 

— A2 expresses "Vp is injective" 

A2 = {{Vp{x, y) A Vp{z, y)) ^ x = z) 

— A3 defines the "domain and range of X^" 

A'd = {{Px(x) AVm.-D<{x,z) A{P^{z)y P^{z))) ^ 3y{Vt{y) AVp{x,y))) where 
PRED<(a;,z) denotes the subformula that expresses that z is the strict prede- 
cessor of x in the order (see Subsection 16.31) . 

— A4 expresses "Vp preserves <*^''' and Et\ 
{Vp{s,s')AVp{t,t')AEt{s',t'))^ 

(PATH<(s,t) AVz'((z' ^ s Az' APATH<(s,z') APATH<(z',t)) ^ 

• B expresses "H^ is a partial surjective injection from the quantifier free part of 
to the formula 0, encoded as the first formula in (C, Ec) (see Figures 6.7 and 6.8), 
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which maps every X in the quantifier-free part of ip to the corresponding position 
in the first formula in (C, Ec) (i.e. </>), which preserves A, V, (, ), <*^'^ and Ec, 
and which ignores | " . 

B = yxyiy2ZiZ2{Bl A B2 A B3 A B4) A Wxx' zyiy2ZiZ2{B5) where 

— Bl expresses "i?^ is a function". 
Bl = {{H^{x,yi,y2) A H^{x,zi,Z2)) 

{yi - zi A y2 = Z2 A 3x'(F((a;') APATH<(x',x)) A C(yi,j/2))) 

— B2 expresses "77^ is injective" . 

B2 = {H^{x,yi,y2) A H^{z,yi,y2) x = z) 

— B3 expresses "the range of is the first formula in (C, Ec)" ■ 
B3 = Wy[y'2z[z'2t[t'2v'v2{{ST{v') A -^3y{EsT{y,v'))A 

Est{v\ V2) a M{v', y[,y'2) A M(v2, zj, z^)A 
Ec {t[,t'2,z[,z'2)A PATUec (2/'i , , 2/1 , y2 ) a 
PATHb^ (yi , y2 , , ^'2 ) ) ^ 3x' (ff^x' , yi , y2 ) ) ) A 

— B4 expresses "the domain of corresponds to the quantifier free part of ip" . 
B4= (3a;'(P((x') APATH<(x',x)) ^ 3y[y'2{H^{x,y[,y'2))) 

— B5 expresses "i?^ preserves <*^'^ (ignoring "|"), Ec, A, V, (, ) and -1, and maps 
X to 0/1". 

B5 EE {{H^{x,yi,y2) A H^{z, zi, Z2) A Ec{yi,y2, zi, Z2)) 

(SUC<(a;,z) V (PATH<(a;, z) A Va;'(PATH<(a;, a;')A 
PATH<(a;',z) Ax' ^ x A x' ^ z) ^ P\{x'))))a 
{H4x,yi,y2) ^ ((P((x) Aq(2/i,y2))V 
(P)(x)AC)(yi,y2))V 
(PA(a:) ACA(yi,2/2))V 
(Pv(x) ACv(yi,2/2))V 
(P.(x) AC.(yi,y2))V 
(Px(a;)A(Co(yi,y2)VCi(yi,y2))))) 

• C expresses "for every bijection Vq from "| ■ • • |" in "QX\ • • • |" (where Q is "3" or 
"V") to "I • • • I" in "(. ..X \ .)" that links a variable in the quantifier prefix 

of if with an occurrence of that variable in the quantifier-free part of it, the 
variable in the quantifier free part of if which corresponds to the function Vq is 
replaced in </> by the value assigned to that variable by the leaf valuation (Gf , Bt) 
(see Figures 6.5)". Note that in the formula below, zq represents the root in 
dom(Vb), Zf represents the leaf in dom(Vo), yo represents the root in ran(Vb), and 
y/ represents the leaf in ran(Vo) (see Figure 6.6). Also note that is encoded in 
(C, Ec) starting in the node M( "first node in {ST, Est)") and ending in the node 
£'p"'^(M( "second node in {ST , Est)")), and that it is equivalent to the quantifier- 
free part of if with the variables replaced by or 1 according to the leaf valuation 
{Gt, Bt) (this is further clarified in Subsection l6.2.21 also note Figures 6.7 and 6.8). 

C = VVb 3 zo yo 2/ 2// 4 yo z'f y'f ((CI A C2 A C3 A C4 A C5 A C6) ^ C7) where 

— CI expresses "zq is the root in dom(Vo), Zf is the leaf in doni(Vo), yo is the root 
in ran(Vo) and yj is the leaf in ran(Vb)". 

CI = Vo{zo, yo) A -3zV(PRED<(zo, z') A Vo{z' , y'))A 
Vo{zf,yf) A -3zV(SUC<(z/, z') A Vo{z', y'))A 
Vz'((PATH<(zo,^') APATH<(z',z/)) ^ 3y'(t/o(z',y')))A 
Vy'((PATH<(yo, y') A PATH< (y',y/)) 3z'(Vb(z', y'))) 



24 Expressing Properties in Second and Third Order Logic 

Vq: Variable Occurrence 



Q X I ■•■ I ... ( ...X I •■• I ...) 

/t \X /f t\, 

4 zo Zf z'f fo yo VI Vf 



Figure 6.6 



C2 expresses "Vq is a bijection from "| • • • |" in "gX| • • • |" to "| • • • |" in 

"(. . . X| • • • I . . .)" which preserves <^»'". 

C2 = 'ixvvw{{Vo{x,y) ^ (P, (x) A P|(y)))A 

{{Vo{x,y) hVQ{x,v)) -^y = v)A 

{{Voix,y) AVo{w,y)) ^ X = ■w)A 

{{Voix,y) A Voiv,w) A SUC<(,t,,;)) ^ SVC<{y,w))) 

C3 expresses "zq is the predecessor of the root in dom(Vb), i.e., it is the X in 

the prefix of quantifiers" . 

C3 = PRED<(zo,z^) APx(z^,) 

C4 expresses "j/q is the predecessor of the root in ran(Vb), i.e., it is the X in the 

quantifier-free part" . 

C4 = PRED<(2/o,y^)APx(y^,) 

■ C5 expresses "zy: is the successor of the leaf in dom(Vo)". 

C5 = SUC<(z/,z})A-P|(z}) 

C6 expresses "y^ is the successor of the leaf in ran(Vo)". 

C6 = SUC<(2;/,y;.)A-P|(iy}) 

C7 expresses "P((yp(z^)) = H^iy'^T . 

G7 = \/xx' {{Vp{z'o,x) ABtix.x')) 

3ziZ2iH4,{y'„,zi,Z2)A 

((V = 0" A Co(zi, Z2)) V (V = r A Ci(zi,Z2))))) 



6.2.2 Expressing AVS2.2 

Now we need to check whether the formula (j) built in the previous step, evaluates 
to true. The idea is to evaluate one connective at a time, and one pair of matching 
parenthesis at a time, until the final result becomes 1. Let us look at the example 
in Figure 6.7. Note that there are ten evaluation steps, which correspond to ten 
"operators" (i.e., either connectives or pairs of parenthesis). If there are at most n 
symbols in (p, that means that the whole evaluation process needs at most n evaluation 
steps. This is the reason for using pairs of elements to represent the nodes of the graph 
{C,Ec), and quadruples to represent the edges. This allows the whole evaluation 
process to take up to n steps (where n is the length of the input formula). In each 
step, we have a Boolean sentence on {0, 1} with up to n symbols. Each node in the 
graph {ST, Est) represents one such formula, and the function M (for Marker) is a 
pointer which tells us in which node in {C,Ec) that formula begins. Note that in 
each evaluation step, either one or two symbols are removed from the formula at the 
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previous step. Figure 6.8 further illustrates the graphs (A) and (B) of Figure 6.7 with 
a horizontal orientation. Each evaluation step is called a stage. And the first symbol 
in each stage is given by the marker function M. 



(C, -Be) 



Markers (in Bold) 



< 



1. ; (((0V1)A(-0))A(1V0)) 

2. ^((OVl) A(l)) A(IVO)) 

3. (((0 V 1) A 1) A (1 V 0)) 

4. (((1) Al)A(lVO)) 

5. (((1) Al) A(l)) 

6. ((lAl)A(l)) 

7. ((lAl)Al) 

8. ((1)A1) 

9. (1 A 1) 

10. (1) 

11. 1 (TRUE) 



(A) (ST, Est) 




Figure 6.7 
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K3-- 



■-»o'(< 




Figure 6.8 



Based on this description, we can express AVS2.2 in Section [6T2] as follows: 
Al A A2 A A3 A A4 A A5 where 

• Al expresses "(C, Eq) is a linear graph". 

• A2 expresses ^^{ST, Est) is a linear graph". 

• A3 expresses "M : ST — > C is an injective and total function that preserves PATH 
in Est and -Ec" . 
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• A4 expresses "Ca, Cy, C^, C(, C), Co, Ci are pairwise disjoint, and Ca U Cy U U 
C(UC)UCoUCi =C". 

• A5 expresses "For every stage x, from stage x to stage x + 1, we need to follow the 
rules of evaluation (see Figure 6.7 part A). The formula in (C, Eq) at stage x + 1 is 
the same as the formula at stage x, except for one of three possible sorts of changes, 
which correspond to the cases (a), (b) and (c) of Figure 6.9". 



Function: whore e {A, V} and bi, 62, 63 £ {0, 1} 



( fcl 9 &2 ) ( fcl ) ( 61 ) 




( fc3 ) ( fc2 ) fcl 

Case (a): ((p2l , P22 ) (P3l , P32)void) Case (b): ((p2l , P22)void) Case (c): 

{(vi , V2)iwi , ■u;2)void) 



Figure 6.9 



We describe next how to express A1-A5 above in second-order logic. See Section [6?3l 
for the auxiliary formulae used below. 

Al = LINEAR(C,i;c) 
A2 EE LINEAR2(5r, Est) 

A3 = Vs s' h t2 fcl fc2 (A3.1 A A3.3 A A3.3 A A3.4) where 

• A3.1 expresses "M is a function, AI : ST ^ C'\ 

A3.1 = {{M{s, hM) A M (s, fcl, fca)) ^ ((^i = fci A ^2 = ^2) A ST{s) A C(ti, ta))) 

• A3. 2 expresses "M is injective". 

A3. 2 = ((M(s, fcl, fc2) A M(ti, fcl, fc2)) ^ s ti) 

• A3. 3 expresses "M is total". 

A3.3 = {ST{s) -> 3t'ii'2(M(s,i'i,4))) 

• A3. 4 expresses "M preserves PATH in Est and -Ec"- 

A3.4 EE ((M(s,ti, ^2) A M(s', fcl, fca) A PATHst(s,s')) ^ PATH^^ (ii, is, fci, fc2)) 

A4 = VsiS2((Ca(si,S2) ^ -Cy(si,S2)) A (Ca (si, S2) -> -iC^(si, S2))A 
(Ca(si,S2) -> -'C((S1,S2)) A (Ca(si,S2) -'C)(S1,S2))A 
(Ca(si,S2) ^ -'Co(si,S2)) A (Ca(si,S2) -'Ci(si,S2)) A •••)A 
VS1S2(C(S1, S2) ^ (Ca(si, S2) VCy (Si, S2) VC^(si, S2) VC((si, S2) VC) (Sl, S2)V 

Co(si,S2) VCi(si,S2)))A 
VsiS2((Ca(si,S2) C(S1,S2)) A (Cv(si,S2) C(si,S2))A 
(C-,(S1,S2) ^ C(S1,S2)) A (C((S1,S2) ^ C(S1,S2))A 
(C)(Si,S2) C{SI,S2)) A (Co(Sl,S2) ^ C(S1,S2))A 
(Ci(si,S2) ^C(S1,S2))) 
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A5 = Va;(S'T(a;) 3E^ /i /a h h /{ /2 1'l l'2{ad V V (ao A V ab V ac)))) where 

The function maps the formula at stage x to the formula at stage x + 1. The 
subformula ad corresponds to the last transition, i.e., the transition to the last formula 
in (C, Ec) ( "0" or "1" ). The subformula ag corresponds to the last formula in (C, Eq)- 
The subformulae aa, ctb and Qc correspond to the three possible cases (a), (&) and 
(c) as in Figure 6.9, according to which sort of operation is the one involved in the 
transition from the formula in stage x to the next formula in (C, Eq)- Note that the 
transition to the last formula ad is necessarily an instance of case (c) in Figure 6.9. For 
case (c) in Figure 6.9, Ey is not total in its domain, since (vi,U2)(() and (wi,W2)()) 
are not mapped. For the last formula, E^ is not injective, since (/{, = (^i) '2) (i-^-i 
/{ = l[ and = l'^) (see Figure 6.11). 

ao = A5.1 A A5.2 A A5.3 A A5.4 where 

• A5.1 expresses "a: is not the leaf in Est, and it is not the predecessor of the leaf". 
A5.1 = 3yyi{EsT{x,y) AEsT{y,yi)) 

• A5.2 expresses : C — >■ C is a partial injection mapping the formula in (C, Ec) 
in stage x to the formula in (C, Ec) in stage Est{x)" 

A5.2 = ysiS2tit2kik2{i{Ey{si, S2,ti,t2) A Ey{si,s2, fci, fe)) 

{{h =kiAt2=k2) /\C{SI,S2) AC{ti,t2)))/\ 

{{Ey{sT_,S2,ki,k2) AEy{ti,t2,k-i,k2)) -)■ 

(Si =tiAS2= t2))) 

• A5.3 expresses "((/i, /2), (^i, ^2)) and ((/(, /2), (^1, ^2)) are the delimiters of the 
two formulae as in Figure 6.10". 

A5.3 = M{x, fi, /2) A A5.3.1 A A5.3.2 A 5.3.3 where 

- A5.3.1 expresses ''M{Est{x), Ec{lij2))" ■ 

- A5.3.2 expresses ''EcihM) = (/{,/2)"- 

- A5.3.3 expresses ''E-^^{M{Est{Est{x))),1[A)'" ■ 

• A5.4 expresses "i?^, maps nodes from the subgraph induced by ((/i, /2), (^i, ^2)) to 
the subgraph induced by ((/{ , /2), ('i, ^2))" • 

A.bA = 'iyxy2ZiZ2{Ey{yi,y2,Zi,Z2) 

(PATHb^ (/i, /2, j/i, 2/2) A PATHb,, , jya, h, l2)A 
PATUec {.fi , /2 , , Z2) A PATReo {zi , Z2, 1'l , /^))) A 

Ev{fl,f2, fi,f2) A Ey{lij2JlJ2) 
tta = 3viV2WiW2v{v'2W[w'2PllPl2P2lP22P3lP32P'iiP[2{ 

A5.5 A A5.6 A A5.7 A A5.8 A A5.9) where 

• A5.5 expresses ^%{vi,V2),{wi,W2)) and {{v[,V2),{w'i,w'2)) define the window of 
change, that is the segment of the formula that is affected (changed) in the tran- 
sition from stage x to stage a; + 1 of the evaluation (see Cases (a) and (b) in 
Figure 6.10)". 

A5.5 = PAT'5iEc{fi,f2,vi,V2)APATREciwi,w2JiJ2)AEcipiuPi2,P2uP22)A 

Ec{p21,P22,P31,P32) A Ecivi,V2,Pll,Pl2) A Ec{p31,P32,Wi, W2 ) 

C({vuV2) A C) iwi,W2) A PATRec (/{ , /2, v'i,V2) A PATHb^ {w[,w'2, l[, Z^)A 

Ec{v[,V2, p'l i,p[2) AEc {p'li ,p[2,w[,w'2) A Ey{pii,pi2, p'u , p'12) ^ 
Ey{vi,V2,v[,v'2) A Ey{wi,W2,w[,w'2) A C(^{v[,v'2) A C){w[, w'2) 
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(/11/2) (211,212) (221,222) (ui,f2) {h,h) 

o o — ►o o o 



o S — o o 

Left side of the window 

(h,h) ("1,^2) (wi,W2) ((1,(2) {h,h) ("1,1)2) (■u'i,«'2) ((1,(2) 



( ) 



(/^/2) (^l:^'2) {w[,w'^) {l'xj'2) 

Cases (a) and (b) 

Ey preserves Ec 



Case (c) 



Figure 6.10 



• A5.6 expresses "Ey preserves Ec outside of the window of change, and preserves 
left and right side of the window of change (see Figure 6.10)". 

A5.6 = \fziiZi2Z2lZ22Z'iiZ{2Z2iZ22{ 

{{PATBec (/i. /2, ^11, 212) A PATRec {z2i,Z22,vi,V2)A 
Ec{zii,zi2, ^21, 222) A Ey{zn,zi2, -Zn, 2^2) A -E„(z2i, 222, 4i: 42)) 
(PATRec (./( , /2, ^2) A PATHs^(4i, z'22, v{, ^;^)A 

Ec{z'ii,z[2,z'2i,z'22)))A 

{{PATREciwi,W2, -211, 2:12) A PATHb^(z21, 222, ^i, ;2)A 

■E^c(2;il, 2l2, 221, 222) l\Ey{zx\,Z\2,z\^,z\2) ^ Ey{z2l, Z22, z'21, z'22)) 
(PATRec{<,w'2,z[,.z[2) a PATH^;^(4i, 1'l, ^2)A 

Eciz'ii, Z[2, Z21, Z22)))) 

• A5.7 expresses "Ey preserves symbols in left side of the window of change". 
A5.7 = \/ziiZi2z[j^z[2{ 

{PATRec {h,h,zii, 2:12) APATHbc (211, 212, Vl,V2)^Ey{zll,z^2, z[^, ^j)) 
^ (PATHi5^(/{, zi2) A PATHB^(zii, zi2, «i, «^)A 

((^((211,212) AC((zii,42)) V (C)(zn,2i2) AC)(zii,zi2))V 

(Ca(zi1,2;i2) ACA(4i,zi2)) V (Cv(2;ii,Zi2) ACv(4i,zi2))V 

(Co(2ii, 212) A Co(4i, ^2)) V zi2) A Ci(4i, z;2))V 

(C.(-2ll,^12)AC.(4l,-2y)))) 

• A5.8 expresses "Ey preserves symbols in right side of the window of change". 
A5.8 = 'iziizi2z'iiz[2{ 

{PAT:Rec{wi,W2, Zii, Zi2)APATRec{ziI, Zi2,h,l2)r\Ey{zii, Z-i_2, z[-^, z[2)) 

^ (PATH^s^ {w[,w'2, 4i, ZI2) A PATHs^, (4i, ^2)A 

((q(zii,zi2) AC((zii,zi2)) V (C)(zn,zi2) AC)Ki,zi2))V 

(Ca(2ii,Zi2) AC7a(21i,2;2)) V (Cv(2ii,Zi2) ACv(4i,zi2))V 

(Co(^ii,^i2) ACo(4i,42)) V {Ci{zii,Zi2)ACi{z[^,z[2))y 
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(C.(zn,^i2)AC.(zJi,z(2))))) 

• A5.9 expresses "In (^'11,^12) we get the result of applying the operator 9 in 
(P2i,P22) to the Boolean values 61, in (pii,pi2), and &2 in (^31,^32) (see (a) in 
Figure 6.9)". 

A5.9 = ((Co(pii,pi2) A Co(p3i,P32) A Ca(p21,P22) a Co(pn,pi2))V 
(Co(pii,pi2) A Co(p3i,P32) A Cv(p2i,P22) A Cq (p'n > ^12)) V 

(Co(pil,Pl2) A Cl(p31,P32) A Ca(P21,P22) A Co(pn,pi2))V 
(Co(Pll,Pl2) A Ci(p3i,P32) A Cv(p21,P22) A Ci (p^i , ^'12)) V 

(Ci(pii,pi2) A Co(p3i,P32) A Ca(p21,P22) A Co(pii , Pi2))V 

(Cl(Pll,Pl2) A Co(p31,P32) A Cv(p21,P22) A Ci (p^i , pi2))V 
(Ci(pii,pi2) A Ci(p31,P32) A Ca(P21,P22) A Ci (p'^ , p'12)) V 
(Clbll,Pl2) A Ci(p31,P32) a Cv(P21,P22) A Ci (p'^ , p'12))) 

The subformulae and ac that correspond to the cases (6) and (c) in Figure 6.9, are 
similar to tta- For the clarity of presentation, we omit those formulae. Furthermore, 
it should be clear how to build them using Oa as template. Moreover, the complete 
formulae can be found in |12) . We present next the remaining two subformulae, 
namely and ae- 

ad = 3y{EsT{x, y) A -•3z{EsT{y, z))A 

^PiiPi2PnP'i2iM{x, /i, /2) A M{y,p[^,p[2)A 

Ecifi, .f2,Pii,Pi2) A Ec{pii,Pi2,h,h) A Ec{li,l2,p'ii,p'i2)^ 

"'3P2lP22 {Ec {P'll, P'l2^P21 > -P22)) A 

C((/i,/2)aC)(;i,Z2)a 

((Ci(pii,pi2) A Ci(p'ii,p'i2)) V (Co(pii,Pi2) A Co(p'n,K2))))) 

Note that the first line in ad expresses "a; is the predecessor of the leaf in Est" , so 
that this case corresponds to the last transition (see Figure 6.11). Also note that the 
last transition is necessarily an instance of case (c) in Figure 6.9" 
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►6 — <y 
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Figure 6.11 



ae = A5.1Q A3p[p'2{M{x,p[,p'2) A A5.11 A A5.U) where 
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• A5.10 expresses "a; is the leaf in Est" ■ 
A5.W = ^3yiEsTix,y)) 

• A5.11 expresses "(p'i)P2) is the leaf in Eq" ■ 
A5.11 = -^3y[y'2{Ecip[,p'2,y[,y'2)) 

• A5.12 expresses "the last formula in (C,Ec) is 1". 
A5.12 = Ci(yi,pi) 



6.3 Auxiliary Form,ulae 

For the sake of completeness, we define next the remaining auxiliary formulae used 
through the previous subsections. We assume an edge relation E and a total order <. 

"a; = 0" = -'3y{y ^xAy<x) 

"a; = 1" = 3y{y ^ xKy < xA^3z{z ^ xAz ^ yAy < zAz < x)A-'3z{z ^ yAz < y)) 
SUC<(x, y) =x<yAy^xA -'3z{z ^xAz^yAx<zAz<y) 
PRED<{y,x) =SVC<{x,y) 

PATHe(w,w) is used to denote the following formula which is satisfied by a given 
graph G iff {v,w) is in the transitive closure of the relation E^. 

PATHb(v, w)=v = w V 3V'E'{V'{v) A V'{w) A Al A A2 A A3 A A4 A A5) 

• Al expresses "{V , E') is a subgraph of {V, E) with no loops". 
Al=\/xy{E'{x,y) {V {x)AV' {y)AE{x,y)))Ayx{V'{x) V{x))AWx{-^E' {x,x)) 

• A2 expresses "v is the only minimal node" . 

A2 = -.3x{E'{x, v)) A V?y((F'(y) Ay^v)^ 3xiE'{x, y))) 

• A3 expresses "w is the only maximal node" . 

A3 = -^3xiE'{w,x))Ayy{{V'iy)Ay^ w) ^ 3x{E'iy,x))) 

• A4 expresses "all nodes except v have input degree 1" . 

A4 EE Wz{{V'{z) Az^v) ^ 3x{E'{x, z) A Vy((F'(y) A E'{y, z)) ^ y = x))) 

• A5 expresses "all nodes except w have output degree 1" . 

A5 = yz{{V'{z) Az^w)^ 3x{E'{z, x) A V?/((y'(y) A E'{z, y)) ^ y = x))) 

That is, PATH£;(i;, w) expresses "(V, £") is a linear subgraph of (V, E), with min- 
imal node V and maximal node . We use a similar strategy to define the next 
auxiliary formula LINEAR(V, £") which expresses "{V,E) is a linear graph". 

LINEAR(1/, E) = Va;y(PATHB(a;, y) V PATHi5(2/, a;))A 
{3xy{x j^y) ^ yx{^E{x,x)))A 
3vw{V{v) A V{w)A 

-.3x{E{x, v)) A yy{{V{y) Ay^v)^ 3x{E{x, y)))A 
^3x{E{w, x)) A Vy{{V{y) Ay^w)^ 3x{E{y, x)))A 
yziiV{z) Az^v) 

3x{E{x, z) A 'iy{{V{y) A E{y, z)) ^ y = x))) 
\lz{{V{z) Az^w) ^• 

3x{E{z, x) A V2/((y(t/) A E{z, y)) ^ y = x)))) 

Note that we only allow loops in a linear graph when it has only one node. 
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In a similar way we can define the second-order formula LINEAR2(y, E) where the 
free second-order variables have arity 2 and 4 respectively. 

We also use the formula PATHec (a^i, a^2, 2/2) with free first-order variables xi, 
X2, yi, 2/2, where the set of vertices is a binary relation, and the set of edges is a 4-ary 
relation (see Figures 6.7 and 6.8). 

7 SATQBF in Third-Order Logic 

In this section we show how to build a formula in third-order logic that expresses 
SATQBF. We omit the tedious details of the subformulae which can be built following 
the same patterns than in the detailed exposition of the second-order formula for 
SATQBFfc. 

Roughly, we first express the existence of a third-order alternating valuation T^, 
applicable to a given QBF formula (p. Then we proceed to evaluate the quantifier-free 
part if' of if on each leaf valuation Li, of T„. For this part we use the same second- 
order subformulae than for SATQBF^,. That is, from if' and L^,, we build a Boolean 
sentence (f) on {0, 1} by replacing each occurrence of a Boolean variable x in ip' by 
a constant or 1 according to the Boolean value assigned by L^, to x, and then we 
evaluate (/). 

Unlike the case with SATQBFj, in which the input formulae all have a same fixed 
number k of alternating blocks of quantifiers, in the case of SATQBF the number of 
alternating blocks fc > 1 of quantifiers in the input formulae is not fixed. That is, 
we need to take into account that the input formula can have any arbitrary number 
fc > 1 of alternating blocks of quantifiers. We assume w.l.o.g. that the quantification 
in the input formula tp has the form 

3x11 • ■ ■ 3xii^\/x2i ■ ■ ■ yx2i23x3i ■ ■ ■ 3x31^ ■ ■ ■ Qxki ■ ■ ■ Qxu^ ( 

(fi'{xil,. . . , Xll^,X21 ■ ■ ■ ,X2l2,X31, ■ ■ ■ ,X3l^,. . . ,Xfel, . . . , Xkl^)) 

where fc > 1, the formula is a quantifier- free Boolean formula and Q is 3 if fc is 
odd, or V if fc is even. To represent the formulae as relational structures, we use the 
same encoding based in word models as in Section [6l 

We present a sketch of the third-order formula (^ssatqbf that expresses SATQBF. 
We follow a top-down approach, leaving most of the fine details of the formulae in 
the lowest level of abstraction as an exercise for the reader. At the highest level of 
abstraction, we can think of (/ssatqbf as a third-order formula that expresses. 

"There is a third-order alternating valuation Ti, applicable to if, which satisfies (^" . 

At the next level of abstraction we can express v^satqef in third-order logic as 
follows. 

3Vt St Bt Vt Et [kl A A2 A A3 A A4 A A5) where 

• Al expresses "S* : Vt {0, 1}". 

• A2 expresses "Gt = {Vt,Et) is a linear graph which represents the sequence of 
quantified variables in (ys" . 

• A3 expresses "(Vt,ft) is a third-order binary tree with all its leaves at the same 
depth, which is in turn equal to the length of [Et, V*)". 



32 Expressing Properties in Second and Third Order Logic 



• A4 expresses ^'(Vt, £t, St) is a third-order alternating valuation Ty applicable to tp, 
i.e., all the nodes in {Vt,£t) whose depth correspond to a universally quantified 
variable in the prefix of quantifiers of tp, have exactly one sibling, and its value 
under Bt is different than that of the given node, and all the nodes whose depth 
correspond to an existentially quantified variable in the prefix of quantifiers of (p, 
are either the root or have no siblings" . 

• A5 expresses "Every leaf valuation in {Vt, St, Bt) satisfies (^"'. 

Recall that we use uppercase calligraphic letters for third-order variables and plain 
uppercase letters for second-order variables. In particular, Vt, St and Bt are third- 
order variables while Vt and Et are second-order variables. 

Finally, we describe the strategies to express A2-A5 in third-order logic. 

A2. LINEAR(yt, £;t) A A2.1 where 

— A2.1 expresses "The length of Gt is equal to the number of variables in the prefix 
of quantifiers of That is, there is a relation Vp which is a partial bijection 
from the quantifier prefix of ip (restricted to the AT's in the quantifier prefix) 
to Vt, which maps every X in the quantifier prefix to its corresponding node in 
Gt, and which preserves Et and <*^»' in Gt and ip (restricted to the X's in the 
quantifier prefix) , respectively" . 

See (A) in Subsection 16. 2. II for more details. 

A3. Let £t \Sd denote the restriction of the third-order relation £t to the nodes in the 
third-order set Sd- We can express A3 as follows: 
A3.1 A A3.2 A A3.3 A A3.4 where 

— A3.1 expresses "(Vt,£t) is a third-order connected graph that has one root and 
one or more leaves" . 

— A3.2 expresses "Except for the root node, all nodes in {Vt,£t) have input de- 
gree 1". 

— A3.3 expresses "Except for the leaf nodes, all nodes in {Vt,£t) have output 
degree 1 or 2" . 

— A3. 4 expresses "All leaf nodes in (Vt, £t) have the same depth, which is in turn 
equal to the length of (Vt, i?t)" 

A3.1, A3. 2 and A3. 3 can be expressed in third-order logic as follows: 
3i?(VZ(Vt(Z) ^ PATH£,(i?, Z))A 

-^3S^{£t{Si,R))A 

3Sii^3S2{£tiSuS2)))A 

^Z{{Vt{Z) AZ^R)^ 3Sii£tiSi,Z) A V52(^t(^2, Z) ^ Si = ^2)))) A 
VZ(Vt(Z) ^ -351^2^3(^1 ^ ^2 A ^2 ^ ^3 A S-i ^ ^3 A £tiZ, Si) A £t{Z, S2)A 
£t{Z,S3))) 

Regarding A3. 4, we can express it as follows: 

VX(A3.4.1 ^ {3Sd V{A3A.2 A A3.4.3 A Sd{X) A A3.4.4 A A3.4.5))) where 

— A3. 4.1 expresses "X is a leaf node in (Vt,ff)". 

— A3.4.2 expresses "5d C Vt". 

— A3. 4. 3 expresses "P : Vf -> 5(j is a bijection that preserves Et and £t \s/ ■ 

— A3.4.4 expresses ''V-^{X) is the leaf node in Gt = (V, ^^t)"- 

— A3. 4. 5 expresses includes the root of (Vt,ft)"- 
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A4. We can express A4 as follows (refer to Figures 6.2 and 6.5): 
A4.1 AVa;V5d((Vf(a;) AA4.2AA4.3) ^ 

VI>((A4.4 A A4.5) -> ((A4.6 ^ A4.7) A (A4.8 A4.9)))) where 

— A4.1 expresses '^Bt is a total function from Vt to {0, 1}". 

— A4.2 expresses "Sd Q Vt' ■ 

— A4.3 expresses "(5^, £t \Sd) is a linear graph which includes the root of (Vt, £()" . 

— A4.4 expresses "2? is a bijection from the initial subgraph of Gt up to x, to Sd" ■ 

— A4.5 expresses "2? preserves Et and £t \sd" ■ 

— A4.6 expresses "the predecessor of V~^{x) in <'^^ is V". 

— A4.7 expresses "V{x) has exactly one sibling in {Vt,£t) and Bt of that sibling is 
not equal to Bt(V{x)y . 

— A4.8 expresses "the predecessor of V~^{x) in <'^v jg 3". 

— A4.9 expresses "I?(x) has no siblings in {Vt,St), or T>{x) is the root in (Vt,£t)". 
A5. V54(A5.1 A A5.2) ^ 32?St(A5.3 A A5.4 A A5.5)) where 

— A5.1 expresses "5„ C Vt". 

— A5.2 expresses "{Sy,£t \s^) is a linear graph which includes the root and a leaf 
of(Vt,5t)". 

— A5.3 expresses "P is a bijection from Vf to Sy which preserves Et and £t l'5„"- 

— A5.4 expresses "Bt is a total function from Vt to {0, 1} which coincides with 
Bt{Su) w.r.t. P". 

— A5.5 expresses "the leaf valuation represented by {Vt, Et, Bt) satisfies the quantifier- 
free subformula ip' of ip" . 

Note that, A5.5 can be expressed as in Subsection 16.2.21 

Remark 7.1 

Note that while in the third-order formulae in A4 and A5 we have used universal 
third-order quantification (for Sd and V in A4, and for Sy in A5), it is not actually 
needed, and existential third-order quantification is enough. These are the only sub- 
formulae where we have used universal third-order quantification. Hence, we strongly 
believe that our third-order formula can be translated in a rather technical way into 
an existential third-order formula. 

Let us consider the sketch for an existential third-order formula equivalent to the 
formula in A4 (the existential formula for A5 is easier). We can say that for every 
node X in the graph {Vt,Et), and for every set Z that is a node in the third-order 
graph (Vt, £t), and such that there is a third-order set Sd of nodes in the third-order 
graph {Vt,£t), such that the restriction of the edge relation £t to the third-order set 
Sd, together with Sd, form a (third-order) subgraph that is a linear graph whose root 
is the root of the third-order graph {Vt,£t), and whose leaf is the set Z, and such that 
its length is the length of the initial subgraph of the graph (Vf , Et), up to the node x, 
if the variable represented by x in the input formula if is universally quantified, then 
the node Z in the third-order graph {Vt,£t) has exactly one sibling in that graph, 
and that sibling has a different value assigned by Bt than the value assigned by Bt 
to Z. On the other hand, if the variable represented by x in the input formula if 
is existentially quantified, then the node Z in the third-order graph {Vt,£t) has no 
sibling in that graph. To say that "the third order graph induced by the set Sd in 
the graph {Vt,£t), whose leaf is the set Z, has the same length as the initial subgraph 
of the graph (yt,Et), up to the node x" , we say that there is a binary third-order 
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relation D which is a bijection between the set of nodes in the initial subgraph of the 
graph (Vf , Et), up to the node x, and the third-order set Sd, and which preserves Et 
and the restriction of the edge relation £t to the third-order set Sd- 

8 Final Considerations 

Let 3S0-^ denote the restriction of 3S0 to formulae with second-order variables of 
arity < 2. As pointed out in [2], it is open whether on graphs full 3S0 is strictly 
more expressive than 3S0-^. Also as pointed out in [2], no concrete example of a 
graph property in PSPACE that is not in binary NP has been found yet, even though 
it is known that such properties exist. Hence, it would be worthwhile to find an 
example of a PSPACE query on graphs that cannot be expressed in 380-^. The 
gained experience on writing non-trivial queries in second-order logic, can prove to be 
a valuable platform to make progress on these kind of open problems. In particular, 
we used a second-order variable of arity 4 in Section 6. We used it to represent 
(together with other variables) a linear digraph which, for each of the leaf valuations, 
encodes a sequence of word models corresponding to the different stages of evaluation 
of the quantifier free part of the input QBFfe formula. Since the size of the Boolean 
formula in each stage is linear in the size of the input QBFfc formula, and the number 
of connectives in the formula is also linear, the length of the complete sequence of 
Boolean formulae is quadratic. Therefore, we conjecture that arity 4 is actually a lower 
bound, though we have not attempted to prove it yet. In general, the exploration of 
properties which force us to work with intermediate structures of size greater than 
linear w.r.t. the input, seems a reasonable way of approaching these kind of open 
problems. 

As noted earlier, there are second-order queries that are difficult to express in the 
language of second-order logic, but which have an elegant and simple characterization 
in third-order logic. Therefore it would be interesting to explore possible characteri- 
zations of fragments of third-order logic that admit translations of their formulae to 
equivalent formulae in second-order logic. This way, those fragments of third-order 
logic could be assimilated to high-level programming languages, while second-order 
logic would be the corresponding low-level programming language. In turn, this would 
allow us to express complex second-order queries with greater abstraction of the low- 
level details, thus minimizing the probability of error. 
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